I administer a couple of Debian-based email servers, all with similar setups. Each runs Exim, ClamAV, and SpamAssassin. Around the time I upgraded the servers from sarge to etch, I noticed that Exim was logging to the panic log periodically. This hasn’t been a huge concern to me, as it should result in a temporary delivery error and the sending email server should resend the failed message. Still, any issue annoys me. I didn’t get very far tracking the problem down. As best I could tell, ClamAV was taking longer than 3 minutes to reload virus definitions and was unresponsive to Exim during the reload period. Exim would then panic.

The log file contained entries that looked like this:

malware acl condition: clamd: unable to read from socket (Connection timed out)

Recently, a friend who seemed to have a similar problem alerted me to the Debian Volatile project. This project is, essentially, a backport project for software that is “volatile.” This includes software such as ClamAV and SpamAssassin. It can be critical to keep up to date with these packages if you are running a mail server. A few days ago I upgraded SpamAssassin and ClamAV to the versions provided in etch/volatile. This seems to have corrected the ClamAV problem I was facing, and now I have a more recent version of SpamAssassin to better fight spam with.

The problem, it seems, was that freshclam, the tool that updates the virus definitions, wasn’t able to get new definitions because it was too old. Apparently freshclam sends along version information and the server rejects the request if the version is too old.

